Lucene search
+L

68 matches found

Positive Technologies
Positive Technologies
added 2022/10/06 12:0 a.m.11 views

PT-2022-26440 · Generex · Generex Cs141

Name of the Vulnerable Software and Affected Versions: Generex CS141 versions 2.08 through 2.10 Description: The issue allows remote command execution by administrators via a web interface that reaches run update in /usr/bin/gxserve-update.sh. This can occur, for example, via a reverse shell...

9.1CVSS7.5AI score0.02333EPSS
Exploits2References8
CVE
CVE
added 2022/10/06 12:0 a.m.103 views

CVE-2022-42457

Generex CS141 (UPS Adapter) has a remote code execution in versions up to 2.10 via the web interface calling run_update in /usr/bin/gxserve-update.sh, which extracts and executes install.sh from a tarball (untested tarball payload). Public evidence across multiple sources (RH advisory, CNVD, CNNV...

9.1CVSS7.1AI score0.02333EPSS
Exploits2References5Affected Software1
CNVD
CNVD
added 2020/04/28 12:0 a.m.5 views

UPS Adapter CS141 Path Traversal Vulnerability

GENEREX UPS Adapter CS141 is a UPS Uninterruptible Power System adapter from GENEREX Germany. A path traversal vulnerability exists in GENEREX UPS Adapter CS141 versions prior to 1.90. The vulnerability stems from a failure of a networked system or product to properly filter special elements in t...

6.5CVSS6.8AI score0.01642EPSS
Exploits0References1
NVD
NVD
added 2020/04/27 2:15 p.m.16 views

CVE-2020-11420

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...

6.5CVSS6.3AI score0.01642EPSS
Exploits0References3
OSV
OSV
added 2020/04/27 2:15 p.m.5 views

CVE-2020-11420

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...

6.5CVSS6.7AI score0.01642EPSS
Exploits0References3
Prion
Prion
added 2020/04/27 2:15 p.m.15 views

Directory traversal

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...

4CVSS6.3AI score0.01642EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/04/27 1:4 p.m.50 views

CVE-2020-11420

CVE-2020-11420 affects GENEREX UPS Adapter CS141 prior to v1.90. Affected component: path handling in the CS141 web-facing interface which allows Directory Traversal. Attack scenario: an attacker with Admin or Engineer credentials can manipulate variables that reference files to access arbitrary ...

6.5CVSS6.3AI score0.01642EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2020/04/27 1:4 p.m.20 views

CVE-2020-11420

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files and by doing this achieve access to files and directories outside the web root folder. An attacker may acce...

6.3AI score0.01642EPSS
Exploits0References3
Rows per page
Query Builder